Computer expert details e-mail snoop detector

Ian David

(1000+ posts) Send PM | Profile | Ignore

Wed Dec-28-05 11:02 AM
Original message

Computer expert details e-mail snoop detector

Computer expert details e-mail snoop detector
December 27, 2005 10:18 AM PST

Richard M. Smith, a computer privacy expert, has suggested a method to find out if the government is monitoring a person's e-mail.

"With all of the controversy about the news that the NSA (National Security Agency) has been monitoring, since 9/11, telephone calls and email messages of Americans, some folks might now be wondering if they are being snooped on," he said in a blog posting last week.

To find out, Smith suggested the following recipe: Set up e-mail accounts with Hotmail and a non-U.S. e-mail provider and send e-mail back and forth whose contents "might be interesting to the NSA." He supplies a list of various ways to trigger NSA curiosity. The e-mails should also include an otherwise unpublished Web page address whose logs the interested person can view. Then scrutinize the logs to see if anyone is visiting the site.

The method also can be used to see if others who have access to your password or computer are reading your e-mail on the sly, he said.
Posted by Stephen Shankland

More:
http://news.com.com/2061-10789_3-6009969.html?part=rss&tag=6009969&subj=news

Printer Friendly | Permalink | | Top

Xipe Totec

(1000+ posts) Send PM | Profile | Ignore

Wed Dec-28-05 11:11 AM
Response to Original message

1. Clever, but not foolproof

You can easily block automatic access to the website by disabling HTML capability in the snooper.

Also, you will pick up IP address trawlers that systematically search domains.

So, not all snoops trigger hits (false negatives), and not all hits imply snoops (false positives).

Printer Friendly | Permalink | | Top

Ian David

(1000+ posts) Send PM | Profile | Ignore

Wed Dec-28-05 11:20 AM
Response to Reply #1

2. Agreed. Meanwhile, see this thread

The DoD scanned my ports yesterday
http://www.democraticunderground.com/discuss/duboard.php?az=view_all&address=104x5701286

Printer Friendly | Permalink | | Top

Xenotime

(1000+ posts) Send PM | Profile | Ignore

Wed Dec-28-05 11:34 AM
Response to Reply #2

3. This is stoopid...

"I would suggest sending out a few hundred thousand messages using various tricks to find one that might work."

If you are going through that much work and effort to see if they are snooping, just fucking use PHP (SHA-2 with up to 512-bit hashes). And if you use a random generated passphrase like

J|q{2;KTjX"jAR=CHOTo]`@\em9NqH]B=Fgkz}]xF!4Xn5-JD&>r'tbKN~
It would be more time effective for them to get your computer to read your mail.

Geez.

Printer Friendly | Permalink | | Top

DU AdBot (1000+ posts)

Sat May 04th 2024, 05:52 AM
Response to Original message

Advertisements [?]

Top

Powered by DCForum+ Version 1.1 Copyright 1997-2002 DCScripts.com
Software has been extensively modified by the DU administrators

Important Notices: By participating on this discussion board, visitors agree to abide by the rules outlined on our Rules page. Messages posted on the Democratic Underground Discussion Forums are the opinions of the individuals who post them, and do not necessarily represent the opinions of Democratic Underground, LLC.